Posted by: David Harley | January 16, 2018

Android Spyware

Securelist (Kaspersky) – Skygofree: Following in the footsteps of HackingTeam

David Harley

Advertisements
Posted by: David Harley | January 13, 2018

Fruitfly – Graham Cluley’s take for ESET

… Fruitfly malware spied on Mac users for 13 years – man charged

David Harley

Posted by: David Harley | January 12, 2018

Fruitfly: alleged author’s wings clipped…

…well, charged, not convicted.

Sophos considers the story here: Man charged with spying on thousands of Mac users for 13 years

Taylor Armerding tells us that an Ohio man

‘was charged with Computer Fraud and Abuse Act violations, Wiretap Act violations, production of child abuse imagery, and aggravated identity theft, according to a Department of Justice (DoJ) press release.’

David Harley

Posted by: David Harley | January 12, 2018

macOS DNS Hijacker

Patrick Wardle/Objective-See: Ay MaMi – › Analyzing a (new?) macOS DNS Hijacker: OSX/MaMi

(Speaks for itself, really).

David Harley

Posted by: David Harley | January 12, 2018

‘AdultSwine’ Android malware

The Register: ‘Mummy, what’s felching?’ Tot gets smut served by Android app – Google’s Play Store fails again

Actually, I didn’t know about felching, either, and I wish I hadn’t looked it up.

Based on Checkpoint’s blog article Malware Displaying Porn Ads Discovered in Game Apps on Google Play. Checkpoint says that this is a triple-threat attack: it may display ads that are often (very) pornographic, engineer users into installing fake security apps, and/or induce them to register with premium services.

David Harley

Posted by: David Harley | January 11, 2018

Apps: enterprise blacklist data

Appthority released its latest report: Q4 Appthority Pulse Report Finds Tinder and Instagram Added to Enterprise Blacklists. In fact, there’s rather more to it than Tinder and Instagram. If you aren’t sure whether to jump straight in and give Appthority your contact details, you could check Help Net Security’s summary to see whether you want to find out more: Apps most frequently blacklisted by enterprise security teams.

David Harley

Posted by: David Harley | January 11, 2018

Unwanted mobile redirects

Lily Hay Newman for Wired: Pop-Up Mobile Ads Surge As Sites Scramble To Stop Them

I virtually never use my phone where I can use a laptop, so I haven’t really been aware of this is a big issue. Interesting.

David Harley

Posted by: David Harley | January 11, 2018

Password problem in High Sierra

Tech Crunch: Another macOS password prompt can be bypassed with any password

The Register: Stop us if you’ve heard this one: Apple’s password protection in macOS can be thwarted – Developers (again) find preferences hole (again) that bypasses login box (again)

David Harley

Posted by: David Harley | January 5, 2018

Sometimes you _want_ to uninstall…

…but the macOS System Integrity Protection process may make de-installation difficult…

Thomas Claburn for The Register: Apple macOS so secure some apps can’t be easily deleted – Welcome to the Hotel California* security model

“An Apple macOS security process called System Integrity Protection can prevent certain apps from being easily uninstalled, which isn’t ideal when the code may be vulnerable or malware.”

David Harley

*Info for our younger readers: “You can check out any time you like/but you can never leave”

Posted by: David Harley | January 5, 2018

Meltdown/Spectre

Commentary from Apple: About speculative execution vulnerabilities in ARM-based and Intel CPUs  Also, About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

And from Google: Today’s CPU vulnerability: what you need to know

Related Resources:

David Harley

Older Posts »

Categories